Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/18/84; site ucbvax.ARPA Path: utzoo!watmath!clyde!cbosgd!ulysses!ucbvax!info-vax From: info-vax@ucbvax.ARPA Newsgroups: fa.info-vax Subject: Re: SYSTEM login Message-ID: <5066@ucbvax.ARPA> Date: Mon, 25-Feb-85 12:48:42 EST Article-I.D.: ucbvax.5066 Posted: Mon Feb 25 12:48:42 1985 Date-Received: Wed, 27-Feb-85 06:37:58 EST Sender: daemon@ucbvax.ARPA Organization: University of California at Berkeley Lines: 32 From: Jerry Leichter Can the default username for system initialization be changed somehow? This would allow *not* having a SYSTEM account for someone to try and break into. The way I see it now, you *must* have a SYSTEM account with full privileges. _H* ------- This hardly seems worth the trouble. Put an 8-character, randomly chosen password on SYSTEM and you are safe as you are likely to get. If you really feel that you want to do this, you might try setting the SYSTEM account DISUSER. I doubt the startup job goes through any of the normal login procedures, so it should not be affected. (I'd do this on a removable pack, just to be sure I could put the world back together if I failed.) That should keep people frustrated....though how it differs from a good password is beyond me. (User tries to get in. Whether SYSTEM exists and he has the wrong password, or it doesn't exist, or it exists, he has the right password, but it is DISUSER'ed, he gets the same error message. How is one more effective than the other?) Also, there are other standard accounts - FIELD and DECNET come to mind. Plus, it's usually a trivial matter to find out the names of a couple of users on any system. Or guess that SMITH or JOHNSON is probably out there somewhere. -- Jerry -------